<?php
session_start();
//包含头
include '../PHP/head.php';
?>
<?php
require_once ('../FNS/db_fns.php');
//创建短变量并清除前后空格
if(isset($_POST['user_id'])) {

$user_id = trim ($_POST['user_id']);
$pass_wd= trim ($_POST['pass_wd']);

//判断数据是否为空
if (!$user_id || !$pass_wd){
    echo "<br />";
	echo "<br />";
	echo "<p>输入不能为空，请返回重新登录！</p>";
	echo "<a href='../HTML/bid.html'>返回登录页面</a>";
	echo "</div>";
	echo "</body>";
	exit;
}

//数据过滤和处理

if (! get_magic_quotes_gpc()) {
$user_id=addslashes ($user_id);
$pass_wd=addslashes ($pass_wd);
}

$db = db_connect();
$query="select * from users where id = '".$user_id."'";
$result=$db->query ($query);
$num_result=$result->num_rows;
$row=$result->fetch_assoc ();
if (!$num_result) {
	echo "<br />";
	echo "<br />";
	echo "<body>";
	echo "<p>用户不存在，请返回重新登录。</p>";
	echo "<a href='../HTML/bid.html'>返回登录页面</a>";
	echo "</div>";
	echo "</body>";
	$result->free();
	$db->close();
exit;
}
if ($pass_wd <> $row['pass_wd']){
echo "<br />";
echo "<br />";
echo "<body>";
echo "<p>密码输入错误，请返回重新登录。</p>";
echo "<a href='../HTML/bid.html'>返回登录页面</a>";
echo "</div>";
echo "</body>";
$result->free();
$db->close();
exit;
}
//将user_id和user_name存入会话变量中
$user_name=$row['name'];
$user_position=$row['position'];
$result->free();
$db->close();

//包含bootstrap的顶端按钮
$_SESSION['user_id']=$user_id;
$_SESSION['user_name']=$user_name;
$_SESSION['user_position']=$user_position;
}
include '../PHP/menu.php';
echo "<br />";
echo $_SESSION['user_name']."登录成功！</p>";
?>


</div>
</body>
</html>
